On Wed, 18 Nov 2020, Paolo Abeni wrote:
We must start the retransmission timer only there are
pending data in the rtx queue.
Otherwise we can hit a WARN_ON in mptcp_reset_timer(),
as syzbot demonstrated.
Reported-and-tested-by: syzbot+42aa53dafb66a07e5...@syzkaller.appspotmail.com
Fixes: d9ca1de8c0cd ("mptcp: move page frag allocation in mptcp_sendmsg()")
Signed-off-by: Paolo Abeni <pab...@redhat.com>
---
net/mptcp/protocol.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
Reviewed-by: Mat Martineau <mathew.j.martin...@linux.intel.com>
--
Mat Martineau
Intel
